package com.cisco.android.nchs.support;

import android.bluetooth.BluetoothAdapter;
import android.content.Context;
import android.net.wifi.WifiInfo;
import android.net.wifi.WifiManager;
import android.telephony.TelephonyManager;
import com.cisco.android.nchs.aidl.NCHSReturnCode;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Map;

/* loaded from: classes.dex */
public class SSAJavaStarter {
    private String ENTITY_NAME = "SSA_CertMgr";
    private CertificateManager mCertMgr;

    public SSAJavaStarter(Context context, String str) {
        this.mCertMgr = null;
        this.mCertMgr = new CertificateManager(context, null);
        this.mCertMgr.setKeystorePath(str);
        this.mCertMgr.setPasswordSeed(generateUUID(context));
    }

    private String generateUUID(Context context) {
        String deviceIdFromTelephonyManager = getDeviceIdFromTelephonyManager(context);
        if (deviceIdFromTelephonyManager != null) {
            return deviceIdFromTelephonyManager;
        }
        String macAddress = getMacAddress(context);
        return macAddress != null ? macAddress : "unknownDevID";
    }

    private String getDeviceIdFromTelephonyManager(Context context) {
        if (context == null) {
            return null;
        }
        try {
            if (context.getPackageManager().checkPermission("android.permission.READ_PHONE_STATE", context.getPackageName()) != 0) {
                return null;
            }
            Object systemService = context.getSystemService("phone");
            if (systemService == null || !(systemService instanceof TelephonyManager)) {
                return null;
            }
            String deviceId = ((TelephonyManager) systemService).getDeviceId();
            if (Long.parseLong(deviceId, 16) == 0) {
                return null;
            }
            return deviceId;
        } catch (Exception e) {
            return null;
        }
    }

    private String getMacAddress(Context context) {
        WifiManager wifiManager;
        WifiInfo connectionInfo;
        String macAddress;
        if (context == null) {
            return null;
        }
        if (context.getPackageManager().checkPermission("android.permission.ACCESS_WIFI_STATE", context.getPackageName()) == 0 && (wifiManager = (WifiManager) context.getSystemService("wifi")) != null && (wifiManager instanceof WifiManager) && (connectionInfo = wifiManager.getConnectionInfo()) != null && (macAddress = connectionInfo.getMacAddress()) != null) {
            return macAddress;
        }
        if (context.getPackageManager().checkPermission("android.permission.BLUETOOTH", context.getPackageName()) != 0) {
            return null;
        }
        BluetoothAdapter defaultAdapter = BluetoothAdapter.getDefaultAdapter();
        if (defaultAdapter != null) {
            String address = defaultAdapter.getAddress();
            if (address != null) {
                return address;
            }
        }
        return null;
    }

    private ClientCertData[] importPKCS12(byte[] bArr, String str) throws UnrecoverableKeyException {
        try {
            X509Certificate[] importPkcs12ClientCert = this.mCertMgr.importPkcs12ClientCert(bArr, str, null, null);
            if (importPkcs12ClientCert == null || importPkcs12ClientCert.length == 0) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importPKCS12: received a NULL cert from cert manager");
                return null;
            }
            ClientCertData[] clientCertDataArr = new ClientCertData[importPkcs12ClientCert.length];
            int i = 0;
            for (X509Certificate x509Certificate : importPkcs12ClientCert) {
                clientCertDataArr[i] = new ClientCertData(x509Certificate.getEncoded(), this.mCertMgr.getKeyAliasForCertAlias(this.mCertMgr.getCertAlias(x509Certificate)));
                i++;
            }
            return clientCertDataArr;
        } catch (CertificateEncodingException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importPKCS12: failed to encode returned cert: " + e.getMessage());
            return null;
        } catch (CertificateException e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importPKCS12: failed due to: " + e2.getMessage());
            return null;
        }
    }

    private X509Certificate[] parseBlobsIntoCertificates(int[] iArr, byte[] bArr) throws CertificateParsingException, CertificateException, IllegalArgumentException {
        int length = iArr.length;
        if (length == 0) {
            throw new CertificateException("bad arguments: no certificates provided");
        }
        int i = 0;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        for (int i2 = 0; i2 < length; i2++) {
            int i3 = iArr[i2];
            if (i3 <= 0) {
                throw new IllegalArgumentException("bad arguments: certificate[" + i2 + "] has bad length=" + i3);
            }
            if (i + i3 > bArr.length) {
                throw new IllegalArgumentException("bad arguments: total (" + i + ") + next (" + i3 + ") is greater than passed length (" + bArr.length + ")");
            }
            byte[] bArr2 = new byte[i3];
            System.arraycopy(bArr, i, bArr2, 0, i3);
            i += i3;
            CertificateManager certificateManager = this.mCertMgr;
            X509Certificate derToX509Certificate = CertificateManager.derToX509Certificate(bArr2);
            if (derToX509Certificate == null) {
                throw new CertificateParsingException("failed to parse certificate #" + i2 + " of " + length);
            }
            x509CertificateArr[i2] = derToX509Certificate;
        }
        if (bArr.length > i) {
            throw new IllegalArgumentException("bad arguments: only read " + i + " of " + bArr.length + " bytes available");
        }
        return x509CertificateArr;
    }

    protected ClientCertData[] enumerateClientCertificates() {
        Map<X509Certificate, String> enumerateClientCertificates = this.mCertMgr.enumerateClientCertificates();
        if (enumerateClientCertificates == null || enumerateClientCertificates.size() == 0) {
            return null;
        }
        ClientCertData[] clientCertDataArr = new ClientCertData[enumerateClientCertificates.size()];
        int i = 0;
        for (Map.Entry<X509Certificate, String> entry : enumerateClientCertificates.entrySet()) {
            try {
                clientCertDataArr[i] = new ClientCertData(entry.getKey().getEncoded(), entry.getValue());
                i++;
            } catch (CertificateEncodingException e) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "enumerateClientCertificates: got encoding exception: " + e.getMessage());
                return null;
            }
        }
        return clientCertDataArr;
    }

    protected boolean importCACertificates(int[] iArr, byte[] bArr) {
        try {
            boolean z = true;
            for (X509Certificate x509Certificate : this.mCertMgr.getSortedChain(parseBlobsIntoCertificates(iArr, bArr))) {
                if (this.mCertMgr.importTrustedCertificate(x509Certificate, null, null) != NCHSReturnCode.RESULT_OPERATION_COMPLETED) {
                    z = false;
                }
            }
            return z;
        } catch (IllegalArgumentException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importCACertificates: " + e.getMessage());
            return false;
        } catch (CertificateParsingException e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importCACertificates: " + e2.getMessage());
            return false;
        } catch (CertificateException e3) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "importCACertificates: " + e3.getMessage());
            return false;
        }
    }

    protected byte[] signHashWithClientCert(String str, byte[] bArr) throws UnrecoverableKeyException {
        return this.mCertMgr.signWithClientCertificate(str, bArr);
    }

    protected int verifyCertForHost(int[] iArr, byte[] bArr, String str) {
        try {
            return this.mCertMgr.verifyX509ServerCertForHost(this.mCertMgr.getSortedChain(parseBlobsIntoCertificates(iArr, bArr)), str, false, new ArrayList());
        } catch (IllegalArgumentException e) {
            return -1;
        } catch (CertificateParsingException e2) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "verifyCertForHost: " + e2.getMessage());
            return -1;
        } catch (CertificateException e3) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, this.ENTITY_NAME, "verifyCertForHost: " + e3.getMessage());
            return -1;
        }
    }
}
